<?php


// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : common.php                                          
// #   the core of MySmartBB                                          
// #                                                                  
// ##############################################################################||


// ** Include important files **
     include('includes/config.php');
     include('includes/function.php');
     include('includes/SmartSQL.php');
     include('includes/Security.php');
     include('includes/param.class.php');

     // ** support for php older than 4.1.0 **
     $php_v = phpversion();
     if ($php_v < '4.1.0' ){
         $_GET = $HTTP_GET_VARS;
         $_POST = $HTTP_POST_VARS;
         $_COOKIE = $HTTP_COOKIE_VARS;
         $_SESSION = $HTTP_SESSION_VARS;
         $_SERVER = $HTTP_SERVER_VARS;
     }

     // ** Create objects **
     $DB       = new SmartSQL;
     $SF       = new SmartFunction;
     $Security = new SmartSecurity;
     $Param    = new SmartParam;

     if (SubFile == 1) { define('SMARTY_DIR','../includes/Smarty/'); }
     if (SubFile != 1) { define('SMARTY_DIR','includes/Smarty/'); }

     include(SMARTY_DIR . 'Smarty.class.php');
     $Smarty = new Smarty();

     if (SubFile == 1)
     {
         $Smarty->template_dir = 'style/template';
     }

     // ** Connect with database **
     $DB->setinfo($db_server,$db_username,$db_password,$db_name);
     $DB->sql_connect();
     $DB->sql_selectdb();

     $Param->param();

     // ** Common codes **
     if (install != 1)
     {
         $info_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "info WHERE id='1'");
         $info_row   = $DB->sql_fetch_array($info_query);

         $info_row['perpage'] = intval($info_row['perpage']);
		 
		 $MySBB_Version = '1.0';
		 $Smarty->assign('MySBB_Version',$MySBB_Version);
		 
         $member_permission = 0;
         $new_pm            = 0;
         $subject_show      = 0;
         $now               = time();
         $timeout           = time()-300;
         $ip                = $SF->userip($ip);
		 $ips				= $ip;
		 $path				= $_SERVER['PHP_SELF'];
		 $file				= $HTTP_POST_FILES;
         $date              = date('j/n/Y');
         $day               = date('D');
         $Hgmttime          = gmdate('H');
         $Sgmttime          = gmdate(':i:s');
         $gmttime           = $Hgmttime . $Sgmttime;
         $visitor_row       = array();
         $query_num         = 0;

         $DB->sql_query("DELETE FROM " . $db_prefix . "online WHERE (logged<$timeout) or (username='" . $SF->SafeOutPuts($_COOKIE['MySBB_username']) . "')");
         $DB->sql_query("DELETE FROM " . $db_prefix . "today WHERE user_date<>'" . $date . "'");

         if (AdminFolder != 1)
         {
             if (!empty($_COOKIE['MySBB_username']))
             {
                 $member_check = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($_COOKIE['MySBB_username']) . "' AND password='" . $SF->SafeSQL($_COOKIE['MySBB_password']) . "'");
                 $member_c_num = $DB->sql_num_rows($member_check);
                 $member_row   = $DB->sql_fetch_array($member_check);


if($ips!=$member_row['ruser_ip'])
{

$update_ip = $DB->sql_query("UPDATE " . $db_prefix . "member SET ruser_ip='".$ips."' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");

}

                 if ($member_c_num != 0)
                 {
                     $member_permission = 1;
                     $user_time = $Hgmttime+$member_row['user_time'];
                     $user_time = $user_time.$Sgmttime;

                     $Smarty->assign('MySBB_username',$SF->SafeOutPuts($member_row['username']));
                     $Smarty->assign('lastvisit',$member_row['lastvisit']);
                     $Smarty->assign('user_time',$user_time);

                     $groupper_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $member_row['usergroup'] . "'");
                     $groupper_row   = $DB->sql_fetch_array($groupper_query);

                     $username_wstyle = $groupper_row['username_style'];
                     $username_wstyle = explode('[username]',$username_wstyle);
                     $style_username  = addslashes($username_wstyle[0] . htmlspecialchars($member_row['username']) . $username_wstyle[1]);

/*                     $user_location = $path; 


                     $user_location = $_SERVER['PHP_SELF']; 

                        switch (substr($user_location,-9)) $user_location
                        {*/
						
	                 $user_location   = $path;
					 $user_location   = strrev($user_location);
                     $user_location   = explode('/',$user_location);
                     $user_location   = $user_location[0];
					 $user_location   = strrev($user_location);

                        switch ($user_location)
                        { 
						case 'index.php':
						$u_location = 'الصفحة الرئيسية';
						break;

						case 'forum.php':
						$cat_query = mysql_query("SELECT * FROM " . $db_prefix . "section WHERE id='".intval($_GET['id'])."'");
						$CQ=mysql_fetch_array($cat_query);
						$u_location = '<a href="forum.php?show=1&id='.intval($_GET['id']).'">يتصفح منتدى '.$CQ['title'].'</a>';
						break;

						case 'show.php':
						$cat_query = mysql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='".intval($_GET['id'])."'");
						$CQ=mysql_fetch_array($cat_query);
						$u_location = '<a href="show.php?main=1&id='.intval($_GET['id']).'">يطلع على موضوع '.$CQ['title'].'</a>';
						break;

						case 'newtopic.php':
						$u_location = 'يكتب موضوع جديد';
						break;

						case 'misc.php':
						if($_GET['online']==1){
							$u_location = '<a href="misc.php?online=1">يشاهد المتواجدون الآن</a>';
						}
						if($_GET['static']==1){
							$u_location = '<a href="misc.php?static=1">يشاهد إحصائيات المنتدى</a>';
						}
						if($_GET['team']==1){
							$u_location = '<a href="misc.php?team=1">يطلع على قائمة المسؤولين عن المنتدى</a>';
						}
						if($_GET['profile']==1){
							$ShowUserName=mysql_query("SELECT * FROM " . $db_prefix . "member WHERE id='".intval($_GET['id'])."' or username='".$_GET['username']."'");
							$SUN=mysql_fetch_array($ShowUserName);
							if($_GET['id']){
								$u_location = '<a href="misc.php?profile=1&id='.intval($_GET['id']).'">يطلع على الملف الشخصي للعضو '.htmlspecialchars(stripslashes($SUN['username'])).'</a>';
							}else{
								$u_location = '<a href="misc.php?profile=1&username='.$_GET['username'].'">يطلع على الملف الشخصي للعضو '.htmlspecialchars(stripslashes($SUN['username'])).'</a>';

							}
						}
						break;

						case 'usercp.php':
						if($_GET['index']==1){$u_location = 'يشاهد لوحة التحكم';}
						if($_GET['info']==1){$u_location = 'يعدل معلوماته الشخصية';}
						if($_GET['options']==1){$u_location = 'يعدل إعداداته الشخصية';}
						if($_GET['sig']==1){$u_location = 'يعدل توقيعه';}
						if($_GET['password']==1){$u_location = 'يغير كلمة المرور';}
						if($_GET['email']==1){$u_location = 'يغيير البريد الإلكتروني';}
						if($_GET['avatar']==1){$u_location = 'يغيير الصورة الشخصية';}
						if($_GET['reply']==1){$u_location = 'يشاهد المواضيع المشترك بها';}
						if($_GET['subject']==1){$u_location = 'يشاهد المواضيع التي قام بكتابتها';}
						break;

						case 'memberlist.php':
						$u_location = 'قائمة الاعضاء';
						break;

						case 'search.php':
						$u_location = 'محرك البحث';
						break;

						case 'pm.php':
						if($_GET['send']==1){
							$u_location = 'يرسل رسالة خاصة جديدة';
						}
						if($_GET['folder']=='inbox'){
							$u_location = 'يشاهد صندوق الرسائل';
						}
						if($_GET['folder']=='sent'){
							$u_location = 'يشاهد الرسائل الصادرة';
						}
						if($_GET['list']==1){
							$u_location = 'يطلع على قائمة المراسلات';
						}
						break;

						case 'newreply.php':
						$u_location = 'يرد على موضوع';
						break;

						case 'editsubject.php':
						$u_location = 'تحرير موضوع';
						break;

						case 'editreply.php':
						$u_location = 'تحرير رد';
						break;

						case 'contactus.php':
						$u_location = 'صفحة مراسلة الادارة';
						break;
						
						default:
						$u_location = 'غير معروف';
						break;
					}

                     if (SHOW_SUBJECT == 1)
                     {
                         $subject_show = 1;
                         $subject_id   = intval($_GET['id']);
                     }
                     else
                     {
                         $subject_show = 0;
                         $subject_id   = 0;
                     }

                     if (NOT_IN_INDEX != 1)
                     {
                         $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "online (id,username,path,logged,user_id,user_ip,hide_browse,username_style,user_location,subject_show,subject_id) VALUES('NULL','" . $SF->SafeSQL($member_row['username']) . "','" . $_SERVER['PHP_SELF'] . "','" . $now . "','" . $member_row['id'] . "','" . $ip . "','" . $member_row['hide_online'] . "','" . $style_username . "','" . $u_location . "','" . $subject_show . "','" . $subject_id . "')");
                     }

                     if (NOT_IN_INDEX == 1)
                     {
                         $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "online (id,username,path,logged,user_id,user_ip,notinindex_id,hide_browse,username_style,user_location,subject_show,subject_id) VALUES('NULL','" . $SF->SafeSQL($member_row['username']) . "','".$_SERVER['PHP_SELF']."','".$now."','".$member_row['id']."','". $ip ."','".intval($_GET['id'])."','" . $member_row['hide_online'] . "','" . $style_username . "','" . $u_location . "','" . $subject_show . "','" . $subject_id . "')");
                     }

                     $today_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "today WHERE user_id='" . $SF->SafeSQL($member_row['id']) . "' AND user_date='" . $date . "'");
                     $today_user_row = $DB->sql_fetch_array($today_query);
                     $today_num   = $DB->sql_num_rows($today_query);

                     if ($today_num == 0)
                     {
                         $insert         = $DB->sql_query("INSERT INTO " . $db_prefix . "today(id,username,user_id,user_date,hide_browse,username_style) VALUES('NULL','" . $SF->SafeSQL($member_row['username']) . "','" . $member_row['id'] . "','$date','" . $member_row['hide_online'] . "','" . $style_username . "')");
                         $update_visitor = $DB->sql_query("UPDATE " . $db_prefix . "member SET visitor=visitor+1 WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
                     }
                     else if (($today_user_row['username'] != $member_row['username']) or ($SF->SafeSQL($today_user_row['username_style']) != $style_username))
                     {
                         $update         = $DB->sql_query("DELETE FROM " . $db_prefix . "today WHERE user_id='" . $SF->SafeSQL($member_row['id']) . "'");
                         $insert         = $DB->sql_query("INSERT INTO " . $db_prefix . "today(id,username,user_id,user_date,hide_browse,username_style) VALUES('NULL','" . $SF->SafeSQL($member_row['username']) . "','" . $member_row['id'] . "','$date','" . $member_row['hide_online'] . "','" . $style_username . "')");
                     }

                     if (empty($_COOKIE['MySBB_lastvisit']))
                     {
                         # one hour : 3550
                         # one day : 85200
                         $lastvisit_cookie = setcookie('MySBB_lastvisit',$member_row['lastvisit'],time()+85200);
                         $lastvisit_update = $DB->sql_query("UPDATE " . $db_prefix . "member SET lastvisit='" . $date . "' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");

                         $Smarty->assign('MySBB_lastvisit',$member_row['lastvisit']);
                     }
                     else
                     {
                         $Smarty->assign('MySBB_lastvisit',$SF->SafeSQL($_COOKIE['MySBB_lastvisit']));
                     }
                     $Smarty->assign_by_ref('member_row',$member_row);
                 }
             }

             ### --------------------------------------- ##

             if (empty($_COOKIE['MySBB_username']))
             {
                 $member_permission = 0;

                 $onlineinsert_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE user_ip='$ip' AND username='زائر'");
                 $onlineinsert_num   = $DB->sql_num_rows($onlineinsert_query);

                 if ($onlineinsert_num > 0)
                 {
                     if (NOT_IN_INDEX == 0)
                     {
                         $update = $DB->sql_query("UPDATE " . $db_prefix . "online SET logged='$now',path='" . $_SERVER['PHP_SELF'] . "',user_ip='$ip' WHERE user_ip='".$ip."' AND username='زائر'");
                     }

                     if (NOT_IN_INDEX == 1)
                     {
                         $update = $DB->sql_query("UPDATE " . $db_prefix . "online SET logged='$now',path='".$_SERVER['PHP_SELF']."',user_ip='$ip',notinindex_id='".intval($_GET['id'])."' WHERE user_ip='".$ip."' AND username='زائر'");
                     }
                 }

                 if ($onlineinsert_num == 0)
                 {
                     if (NOT_IN_INDEX == 0)
                     {
                         $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "online (id,username,path,logged,user_ip,user_id,username_style) VALUES('NULL','زائر','".$_SERVER['PHP_SELF']."','".$now."','".$ip."','-48878','زائر')");
                     }

                     if (NOT_IN_INDEX == 1)
                     {
                         $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "online (id,username,path,logged,user_ip,user_id,notinindex_id,username_style) VALUES('NULL','زائر','".$_SERVER['PHP_SELF']."','".$now."','".$ip."','-48878','".intval($_GET['id'])."','زائر')");
                     }
                 }

                 $groupper_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='7'");
                 $groupper_row   = $DB->sql_fetch_array($groupper_query);
             }

             ### --------------------------------------- ##

             $Security->GET_XSS();
             $Security->Injection();

             if ($info_row['contactus_active'] == 1)
             {
                 $contactusactive = 1;
             }
             else
             {
                 $contactusactive = 0;
             }

             $Smarty->assign('contactusactive', $contactusactive);
         }

         $visitor_row['usergroup'] = 7;

         if ($member_permission == 1)
         {
             $visitor_row['usergroup'] = $member_row['usergroup'];
         }
         else
         {
             $visitor_row['usergroup'] = 7;
         }

         // Page headers
         $SF->do_headers();

         $Smarty->assign_by_ref('groupper_row',$groupper_row);
         $Smarty->assign_by_ref('info_row',$info_row);
         $Smarty->assign_by_ref('_GET',$_GET);
         $Smarty->assign('member_permission',$member_permission);
         $Smarty->assign('new_pm',$new_pm);
         $Smarty->assign('board_title',$info_row['title']);
		 $Smarty->assign('board_link',$info_row['contactus_link']);
         $Smarty->assign('time',$gmttime);
         $Smarty->assign('cp_Folder',$cp_Folder);

         if (NO_STYLE != 1)
         {
             if (AdminFolder != 1)
             {
                 if ($member_permission == 0)
                 {
                     if (empty($_COOKIE['MySmartBB_style']))
                     {
                         $getdefstyle_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "style WHERE id='" . $info_row['def_style'] . "'");
                         $getdefstyle_row   = $DB->sql_fetch_array($getdefstyle_query);
                     }
                     else
                     {
                         $getdefstyle_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "style WHERE id='" . intval($_COOKIE['MySmartBB_style']) . "'");
                         $getdefstyle_row   = $DB->sql_fetch_array($getdefstyle_query);
                     }

                    print"\n";
					print'<link rel="stylesheet" href="'.$getdefstyle_row['style_path'].'"  type="text/css">';


                     $Smarty->assign('image_path',$getdefstyle_row['image_path']);

                     $Smarty->compile_dir  = $getdefstyle_row['cache_path'];
                     $image_path           = $getdefstyle_row['image_path'];
                     $template_path        = $getdefstyle_row['template_path'];
                     $style_name                          = $getdefstyle_row['style_title'];
                     $style_id                         = $getdefstyle_row['id'];
                 }

                 if ($member_permission == 1)
                 {
                     $getdefstyle_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "style WHERE id='" . $member_row['style'] . "'");
                     $getdefstyle_row   = $DB->sql_fetch_array($getdefstyle_query);

                    print"\n";
					print'<link rel="stylesheet" href="'.$getdefstyle_row['style_path'].'"  type="text/css">';


                     $Smarty->assign('image_path',$getdefstyle_row['image_path']);

                     $image_path    = $getdefstyle_row['image_path'];
                     $template_path = $getdefstyle_row['template_path'];
                     $style_name    = $getdefstyle_row['style_title'];
                     $style_id      = $getdefstyle_row['id'];
                 }

                 $Smarty->assign('style_name',$style_name);
                 $Smarty->assign('style_id',$style_id);

                 if ($groupper_row['allow_see_offstyles'] == 1 ){
                     $getstylelist_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "style WHERE id<>'" . $style_id . "' ORDER BY style_order DESC");
                 }
                 elseif ( $groupper_row['allow_see_offstyles'] == 0)
                 {
                     $getstylelist_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "style WHERE id<>'" . $style_id . "' AND style_on<>'0' ORDER BY style_order DESC");
                 }

                 $getstylelist_rows = array();
                 while ($getstylelist_row = $DB->sql_fetch_array($getstylelist_query))
                 {
                     $getstylelist_rows[] = $getstylelist_row;
                     $Smarty->assign('getstylelist_rows',$getstylelist_rows);
                 }
             }
         }

         if (SubFile != 1)
         {
             $Smarty->template_dir = $template_path;
             $Smarty->compile_dir  = $getdefstyle_row['cache_path'];
         }

         if (SubFile != 1)
         {
             if (NO_HEADER != 1)
             {
                 if ($info_row['ads_num'] > 0)
                 {
                     $getads_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "ads ORDER BY RAND() LIMIT 0,1");
                     $getads_row   = $DB->sql_fetch_array($getads_query);
                     $getads_num   = $DB->sql_num_rows($getads_query);

                     $Smarty->assign_by_ref('getads_row',$getads_row);
                     $Smarty->assign('getads_num',$getads_num);
                 }

         if (!empty($_GET['id']))
         {
             $id = intval($_GET['id']);
             $profile_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE id='$id'");
         }
         elseif (!empty($_GET['username']))
         {
             $username       = $SF->SafeSQL($_GET['username']);
             $profile_query  = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $username . "'");
         }
         else
         {
     		$profile_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeOutPuts('COOKIE','MySBB_username') . "'");
         }
     $profile_row   = $DB->sql_fetch_array($profile_query);
	 
         if ($profile_row['user_gender'] == 'm')
         {
             $Smarty->assign('gender','ذكر');
         }
         elseif ($profile_row['user_gender'] == 'f')
         {
             $Smarty->assign('gender','أنثى');
         }
	 
	          $lastsubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE writer='" . $SF->SafeSQL($member_row['username']) . "' AND delete_topic<>'1' ORDER BY id DESC LIMIT 0,1");
         $lastsubject_num   = $DB->sql_num_rows($lastsubject_query);
         $lastsubject_row   = $DB->sql_fetch_array($lastsubject_query);
         $last_title        = $SF->SafeOutPuts($lastsubject_row['title']);

         if ($lastsubject_row['sec_subject'] !=  1){
             $last_subject  = "<a href='show.php?main=1&amp;id=$lastsubject_row[id]'>$last_title</a>";
         }
         else
         {
             $last_subject  = "(موضوع خاص)";
         }

         if ($lastsubject_num == 0)
         {
             $Smarty->assign('last_subject','ليست لديك أية مواضيع');
         }
         elseif ($lastsubject_num != 0)
         {
             $Smarty->assign('last_subject',$last_subject);
         }
	 
     $lastreply_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE writer='" . $SF->SafeSQL($member_row['username']) . "' AND delete_topic<>'1' ORDER BY id DESC LIMIT 0,1");
     $lastreply_num	  = $DB->sql_num_rows($lastreply_query);
     $lastreply_row   = $DB->sql_fetch_array($lastreply_query);
     if ($lastreply_num == 0) { $Smarty->assign('last_reply','ليست لديك أية ردود'); }
     if ($lastreply_num != 0) {
     $lastreplysubject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='" . $lastreply_row['subject_id'] . "' AND delete_topic<>'1'");
     $lastreplysubject_row	  = $DB->sql_fetch_array($lastreplysubject_query);
     $last_reply = "<a href='show.php?main=1&id=$lastreplysubject_row[id]'>$lastreplysubject_row[title]</a>";
     $Smarty->assign('last_reply',$last_reply);
     }
     $register_date = $SF->DateFormatDo($member_row['register_date']);
     $profileuser_time   = $Hgmttime+$member_row['user_time'];
     $profileuser_time   = $profileuser_time.$Sgmttime;
     $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $member_row['usergroup'] . "'");
     $group_row   = $DB->sql_fetch_array($group_query);
     $progroup_query     = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $group_row['group_id'] . "'");
     $progroup_row       = $DB->sql_fetch_array($progroup_query);
     $profile_groupname  = $progroup_row['title'];
     $Smarty->assign('register_date',$register_date);
     $Smarty->assign('user_sig',$user_sig);
     $Smarty->assign('profileuser_time',$profileuser_time);
     $Smarty->assign('profile_groupname',$profile_groupname);
     $Smarty->assign_by_ref('profile_row',$profile_row);

             }
         }

         if (NO_STYLE != 1)
         {
            print"\n";
			if (AdminFolder != 1){
			print'<script type="text/javascript" src="includes/function.js"></script>';
			}
			else{
			print'<script type="text/javascript" src="../includes/function.js"></script>';}
         }

         $todaysubject = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE write_date='$date' AND delete_topic<>'1' AND sec_subject<>'1'"));
         $Smarty->assign('todaysubject',$todaysubject);

         if ($info_row['board_close'] == 1)
         {
             if ($groupper_row['admincp_allow'] != 1)
             {
                 if (AdminFolder != 1)
                 {
                     $SF->html_title_page($info_row['title'] . ' - (Powered By MySmartBB Universal)');
                     $SF->error($info_row['board_msg']);
                 }
             }
         }

         if ($member_permission == 0)
         {
             if (NO_VISITOR != 1 and AdminFolder != 1)
             {
                 if ($info_row[$day] == 0)
                 {
                     $Smarty->display('homepage_visitors.tpl');
                     exit();
                 }
             }
         }

         if ($member_permission == 1)
         {
             if ($groupper_row['banned'] == 1)
             {
                 $SF->error('المعذرة، لا يمكنك تصفح المنتدى');
             }
         }

         if ($_SERVER['REQUEST_METHOD'] == 'POST')
         {
             $Y = explode('/',$GLOBALS['HTTP_REFERER']);
             $X = explode('/',$GLOBALS['HTTP_HOST']);

             if ($Y[2] != $X[0])
             {
                 $SF->error('المعذرة هذه الطريقة غير شرعية');
             }
         }
     }

?>
<?php if($install == 1){include('ban.php');} ?>